Skip to content

docs: improve gha vulnerabilities documentation #645

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Sep 22, 2025
Merged

docs: improve gha vulnerabilities documentation #645

merged 4 commits into from
Sep 22, 2025

Conversation

moe-ad
Copy link
Contributor

@moe-ad moe-ad commented Sep 17, 2025

closes #643

@moe-ad moe-ad self-assigned this Sep 17, 2025
@github-actions github-actions bot added the documentation Improvements or additions to documentation label Sep 17, 2025
@moe-ad moe-ad requested a review from clatapie September 17, 2025 16:44
clatapie
clatapie reviewed Sep 18, 2025
View reviewed changes
Copy link
Contributor

@clatapie clatapie left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for working on it @moe-ad!
I added a few comments especially regarding the explanation of the vulnerabilities.

IMO each vulnerabilities should be structured as follow:

**Vulnerability title**

Brief explanation of the vulnerability / why it is important to fix it.
Link to zizmor documentation for further explanation

.. tab-set::
   .. tab-item: Title emphasizing the vulnerability
     .. code:: yaml
       CICD WITH VULNERABILITY # additional comment to point out the vulnerability
   .. tab-item: Title emphasizing the solution
     .. code:: yaml
       SAFE CICD # additional comment to point out the fix

Any additional note / tips

Feel free to share any views on this structure.

@moe-ad
Copy link
Contributor Author

moe-ad commented Sep 18, 2025

@clatapie thanks for the suggestions. I will make adjustments.

@moe-ad moe-ad marked this pull request as ready for review September 22, 2025 11:16
@github-actions github-actions bot added the dependencies Related with project dependencies label Sep 22, 2025
RobPasMue
RobPasMue approved these changes Sep 22, 2025
View reviewed changes
Copy link
Member

@RobPasMue RobPasMue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@moe-ad moe-ad merged commit 88bd523 into main Sep 22, 2025
8 checks passed
@moe-ad moe-ad deleted the docs/improve-gha-vulnerabilities-documentation branch September 22, 2025 14:57
github-actions bot pushed a commit that referenced this pull request Sep 22, 2025
@moe-ad
docs: improve gha vulnerabilities documentation (#645)
3b49c24 
* docs: improve gha vulnerabilities documentation

* docs: fix code block

* docs: add content

* docs: review suggestions and vale errors
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@clatapie clatapie clatapie left review comments

@RobPasMue RobPasMue RobPasMue approved these changes

@jorgepiloto jorgepiloto Awaiting requested review from jorgepiloto

Assignees

@moe-ad moe-ad

Labels
dependencies Related with project dependencies documentation Improvements or additions to documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

GHA vulnerabilities documentation improvements
3 participants
@moe-ad @RobPasMue @clatapie